Why windows executables show incorrect compiler timestamps?
They're deliberately set to a fixed value:
-
The Old New Thing: Why are the module timestamps in Windows 10 so nonsensical?
One of the changes to the Windows engineering system begun in Windows 10 is the move toward reproducible builds. This means that if you start with the exact same source code, then you should finish with the exact same binary code.
[…]
Timestamps are another source of non-determinism. Even if all the inputs are identical, the outputs will still be different because of the timestamps. [...] Setting the timestamp to be a hash of the resulting binary preserves reproducibility.
-
The Old New Thing: What does the executable timestamp really mean?
The name timestamp is misleading. Its real purpose is to act as a signature so that the operating system can determine whether a DLL against which one set of values was precalculated matches the DLL physically on the system. A better name for it would have been "UniqueId".
Note: There are two meanings to the term 'signature' here. Raymond calls the field a "signature" only in the sense of it being something unique that allows distinguishing this binary from other binaries (in the same way that the 'MZ' bytes are a signature for all .exe files). It is however not a cryptographic digital signature and does nothing to ensure the file's integrity or authenticity.